package com.zijin.config;

import cn.hutool.core.util.ObjectUtil;
import com.baomidou.mybatisplus.extension.toolkit.Db;
import com.zijin.constant.AuthorityConstant;
import com.zijin.constant.JwtClaimsConstant;
import com.zijin.exception.BaseException;
import com.zijin.properties.JwtProperties;
import com.zijin.service.user.IRoleService;
import com.zijin.utils.JwtUtil;
import lombok.extern.slf4j.Slf4j;
import org.springframework.stereotype.Component;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;

import javax.annotation.PostConstruct;
import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import java.util.ArrayList;
import java.util.Set;
import java.util.stream.Collectors;

/**
 * @Title: SecurityUtils
 * @Author JWei Xu
 * @Package com.zijin.utils
 * @Date 2025/2/1 10:03
 * @description: 安全类，进行权限的管理
 */



@Component
@Slf4j
public class SecurityUtils {

    private static IRoleService roleService;

    @Resource
    private IRoleService roleServiceInit;

    @Resource
    JwtProperties jwtPropertiesInit;


    private static JwtProperties jwtProperties;


    @PostConstruct
    private void init(){
        roleService = this.roleServiceInit;
        jwtProperties = this.jwtPropertiesInit;
        log.info("安全组件注入完成~");
    }

    public static boolean hasAllRole(String[] value) {
        if(isAdmin()){
            return true;
        }
        Set<String> roleName = getRoles();
        if (ObjectUtil.isEmpty(roleName)) {
            throw new BaseException(AuthorityConstant.INSUFFICIENT_PERMISSIONS);
        }
        for (String s : value) {
            if (!roleName.contains(s)) {//一旦有一个不存在，就不能继续访问
                throw new BaseException(AuthorityConstant.INSUFFICIENT_PERMISSIONS);
            }
        }
        return true;
    }

    public static Boolean isAdmin() {
        Set<String> roleName = getRoles();
        if(roleName.contains("admin")){
            return true;
        }else {
            return false;
        }
    }

    public static Boolean isAdmin(Long id) {
        Set<String> roleName = roleService.getRoleName(id);
        if(roleName.contains("admin")){
            return true;
        }else {
            return false;
        }
    }

    public static Boolean hasRole(String[] value) {
        if(isAdmin()){
            return true;
        }
        Set<String> roleName = getRoles();
        if (ObjectUtil.isEmpty(roleName)) {
            throw new BaseException(AuthorityConstant.INSUFFICIENT_PERMISSIONS);
        }
        for (String s : value) {
            if (roleName.contains(s)) {
                return true;
            }
        }
        throw new BaseException(AuthorityConstant.INSUFFICIENT_PERMISSIONS);
    }

    public static Boolean notHasRole(String[] value){
        return !hasRole(value);
    }

    private static Set<String> getRoles(){
        try{
            ServletRequestAttributes attributes = (ServletRequestAttributes) RequestContextHolder.getRequestAttributes();
            HttpServletRequest request = attributes.getRequest();
            String token = request.getHeader(jwtProperties.getUserTokenName());
            ArrayList<String> strings = (ArrayList<String>)(JwtUtil.parseJWT(jwtProperties.getUserSecretKey(), token).get(JwtClaimsConstant.IDENTITY));
            return strings.stream().collect(Collectors.toSet());
        }catch (Exception e){
            e.printStackTrace();
            return null;
        }
    }
}
